Singapore strengthens cyber resilience against AI threats
Singapore’s latest cyber landscape report highlights AI, quantum and critical infrastructure risks.
Singapore’s Cyber Security Agency (CSA) has outlined new and ongoing initiatives to strengthen national cyber resilience as AI reshapes the cyber threat landscape.
The measures are detailed in the Singapore Cyber Landscape 2025/2026 report, which reviews cybersecurity trends and the country’s response to evolving digital threats.
CSA said AI is reshaping the global cyber threat environment by enabling attackers to operate with greater speed, scale and sophistication. The agency said agentic AI is a particular concern because autonomous systems could automate parts of the cyber kill chain, compressing attacks that once unfolded over days into hours.
The agency cited Anthropic’s Mythos and the misuse of OpenClaw, an open-source agentic AI framework, as examples of how AI can accelerate vulnerability research, exploit development and cyberattack preparation.
At the same time, CSA said AI can strengthen cyber defence by improving threat detection, accelerating incident response and helping organisations identify vulnerabilities more quickly. As AI systems become more widely deployed across enterprise networks and critical infrastructure, however, they are also becoming attractive targets, making secure AI deployment an increasing priority.
To support secure AI adoption, CSA has published Guidelines on Securing AI Systems and a Companion Guide for system owners. It also released a discussion paper on securing agentic AI systems in October 2025 and said it will continue working with international partners on AI security standards.
The report also highlights how AI is changing the tactics of phishing and scam operations. CSA said attackers can use AI to generate convincing phishing lures at scale, produce realistic voice clones and video deepfakes, and create tools that can bypass multi-factor authentication.
CSA also warned that AI is making phishing and scam campaigns more convincing through voice cloning, video deepfakes and large-scale generation of personalised phishing messages. Despite these growing capabilities, reported phishing cases fell by 21% in 2025 to around 4,800 incidents.
Singapore has also launched the pilot National Simulated Scams Exercise, supported by the Ministry of Home Affairs. The exercise simulated AI-enabled government official impersonation scam calls to help the public recognise and respond to emerging scam tactics.
CSA said the number of infected infrastructure units detected in Singapore rose sharply to 284,300 in 2025, a 142% increase from 2024. The increase was driven mainly by persistent malicious infrastructure activity and improved detection of infected botnet devices.
The agency said weakly secured consumer Internet-of-Things devices and unpatched firmware continue to create opportunities for botnet operators. To address this, all residential routers sold in Singapore must meet Cybersecurity Labelling Scheme Level 2 requirements by the end of 2027.
Ransomware also remained a significant threat, with reported cases rising slightly from 159 in 2024 to 165 in 2025. CSA said small- and medium-sized enterprises remained disproportionately affected due to lower cybersecurity maturity and limited resources.
To support SMEs, CSA backed the Cyber Resilience Centre, which provides cybersecurity health checks and recovery assistance after incidents. Eligible SMEs can also receive co-funding for cybersecurity advisory services through the CISO-as-a-Service programme.
One of the year’s most significant incidents involved an attempted intrusion by the APT group UNC3886 targeting Singapore’s four largest telecommunications operators. CSA said the attack was contained through Operation CYBER GUARDIAN without disruption to services or evidence of customer data being compromised.
CSA is also requiring critical information infrastructure owners to attain Cyber Trust mark certification by the end of 2027. The requirement is intended to extend good cybersecurity practices across broader enterprise environments that support critical infrastructure operations.
In 2025, Singapore also conducted its largest Exercise Cyber Star, involving close to 500 participants from CSA, the Singapore Armed Forces’ Digital and Intelligence Service and critical infrastructure owners across 11 sectors.
CSA said it has expanded Cyber Essentials and Cyber Trust mark certifications to include mandatory cloud and AI security requirements. More than 800 organisations had attained at least one Cyber Essentials certification as of early 2026.
The agency is also advancing Singapore’s National Quantum-Safe initiative, working with industry, academia and international partners to raise awareness of quantum risks, support migration planning and accelerate adoption of quantum-safe technologies.
CSA said Singapore will continue investing in cybersecurity capabilities, strengthening partnerships and supporting secure adoption of emerging technologies in an AI-driven threat landscape.
Commissioner of Cybersecurity and CSA Chief Executive David Koh said Singapore must ‘lock down, find first, and fix fast’ as AI and quantum technologies reshape cyber risks. He said the response must be continuous, with government, industry and citizens working together to ensure digital innovation develops alongside trust and security.
The report illustrates how Singapore is treating cybersecurity as a continuous national resilience effort encompassing AI, critical infrastructure, ransomware, online scams and future quantum threats.
Why does it matter?
Singapore’s strategy reflects a growing shift from reactive cybersecurity towards continuous cyber resilience. Rather than addressing individual threats in isolation, the government is integrating AI security, critical infrastructure protection, scam prevention, cybersecurity certification and quantum readiness into a coordinated national strategy.
The report also illustrates how AI is changing cybersecurity on both sides of the equation. While attackers are using AI to accelerate phishing, malware development and vulnerability exploitation, governments are increasingly deploying AI to strengthen cyber defence, making secure AI deployment and governance central components of national cybersecurity policy.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
